Tiered risk model for event correlation

A risk model and event correlation technology, applied to identifying threats to an enterprise, addresses problems such as negative effects on business reputation, regulatory compliance, and continuity, and the high cost of web application security breaches; other security breaches may be occurring at a much higher frequency.

Active Publication Date: 2012-03-29
BANK OF AMERICA CORP

AI Technical Summary

Benefits of technology

[0023] In some embodiments, the processing device is configured for analyzing comprising correlating two or more portions of log data based at least in part on the one or more outputs from the one or more controls applied to the log data, the correlating to identify one or more security events.
[0024] In some embodiments, the one or more object logs comprise one or more application logs corresponding to one or more applications of an enterprise. In some embodiments, the one or more object logs comprise one or more computing system logs of an enterprise. In some embodiments, the one or more object logs comprise one or more databases of an enterprise. In some embodiments, the processing device is further configured for initiating remediation of one or more of the security events based at least in part on the correlated log data and the one or more risk tiers into which the correlated log data is classified.
[0025] According to embodiments of the present invention, a computer program product includes a non-transient computer-readable memory comprising computer-readable instructions for real-time threat monitoring. The instructions include instructions for applying a risk methodology to log data thereby identifying one or more security events, the log data contained in one or more object logs; instructions for applying a risk tiering model to the one or more security events, thereby classifying the one or more security events into one or more of a plurality of risk tiers; and instructions for initiating an alert based at least in part on the one or more security events and the one or more risk tiers into which the one or more security events are classified. In some embodiments, the instructions for applying a risk methodology to log data thereby identifying one or more security events include instructions for correlating two or more portions of the log data each corresponding to at least one of the security events.
[0026] In some e...

Problems solved by technology

Such attacks to websites and/or web applications, of course, can negatively affect business reputation, regulatory compliance, and continuity.
The cost of web application security breaches can be very high and in some cases incalculable as breaches can...


Embodiment Construction

[0037] Embodiments of the present invention will now be described more fully hereinafter with reference to the accompanying drawings, in which some, but not all, embodiments of the invention are shown. Indeed, the invention may be embodied in many different forms and should not be construed as limited to the embodiments set forth herein; rather, these embodiments are provided so that this disclosure will satisfy applicable legal requirements. Like numbers refer to like elements throughout.

[0038] Embodiments of the invention provide for systems, methods and computer program products for real-time threat monitoring. In some embodiments, a method includes identifying two or more real time vulnerabilities, each associated with one or more objects of an enterprise, correlating the two or more real-time vulnerabilities to each other, applying a risk tiering model to the correlated real-time vulnerability, thereby classifying the correlated real-time vulnerability into risk tiers, and initia...


Abstract

A method for real-time threat monitoring includes identifying two or more real time vulnerabilities, each associated with one or more objects of an enterprise, correlating the two or more real-time vulnerabilities to each other, applying a risk tiering model to the correlated real-time vulnerability, thereby classifying the correlated real-time vulnerability into risk tiers, and initiating an alert based on the correlated real-time vulnerability and the risk tiers into which the correlated real-time vulnerability is classified. According to other embodiments a method includes applying a risk methodology to log data contained in one or more object logs thereby identifying one or more security events, applying a risk tiering model to the one or more security events, thereby classifying the security events into risk tiers, and initiating an alert based on the security events and the risk tiers into which the security events are classified.
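
The pipeline the abstract describes (correlate portions of log data into security events, classify them into risk tiers, alert per tier), as an added example that is not code from the patent. The correlation key (source address), five-minute window, object weights, tier thresholds and alert actions are assumptions, since the page does not specify them, and the log records are constructed.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Assumed for illustration: correlation window, object criticality, alert actions.
WINDOW = timedelta(minutes=5)
OBJECT_WEIGHT = {"database": 3, "host": 2, "web-app": 1}
TIER_ACTION = {1: "page on-call", 2: "open ticket", 3: "queue for review"}

# Constructed control outputs: (timestamp, object log, source, control that fired)
SAMPLE_LOG = [
    ("2012-03-29T10:00:05", "web-app", "192.0.2.7", "sqli_pattern"),
    ("2012-03-29T10:00:40", "database", "192.0.2.7", "bulk_read"),
    ("2012-03-29T10:01:10", "host", "192.0.2.7", "new_admin_account"),
    ("2012-03-29T10:02:00", "web-app", "192.0.2.9", "failed_login"),
    ("2012-03-29T10:03:00", "web-app", "192.0.2.9", "failed_login"),
    ("2012-03-29T11:30:00", "web-app", "192.0.2.9", "failed_login"),
    ("2012-03-29T12:00:00", "host", "192.0.2.5", "failed_login"),
    ("2012-03-29T12:03:00", "database", "192.0.2.5", "bulk_read"),
]

def correlate(records, window=WINDOW):
    """Chain records from one source whose time gap is within the window."""
    by_source = defaultdict(list)
    for ts, obj, src, control in records:
        by_source[src].append((datetime.fromisoformat(ts), obj, control))
    events = []
    for src, rows in by_source.items():
        rows.sort()
        chain = [rows[0]]
        for row in rows[1:] + [None]:  # None flushes the last chain
            if row is not None and row[0] - chain[-1][0] <= window:
                chain.append(row)
                continue
            if len(chain) >= 2:  # "two or more portions of log data"
                events.append({"source": src, "objects": sorted({r[1] for r in chain}),
                               "controls": [r[2] for r in chain]})
            chain = [row]
    return events

def risk_tier(event):
    # Tier 1 is highest risk; the score sums weights of the distinct objects touched.
    score = sum(OBJECT_WEIGHT[o] for o in event["objects"])
    return 1 if score >= 6 else 2 if score >= 4 else 3

def triage(records):
    """Return (tier, source, alert action) per correlated security event."""
    return sorted((risk_tier(ev), ev["source"], TIER_ACTION[risk_tier(ev)])
                  for ev in correlate(records))

if __name__ == "__main__":
    print(triage(SAMPLE_LOG))
```

The isolated 11:30 record from 192.0.2.9 produces no security event on its own, which is the point of correlating before tiering: single control outputs do not reach the alerting stage.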

Description

FIELD

[0001] In general, embodiments of the invention relate to identifying threats to an enterprise. More specifically, embodiments of the invention relate to real-time threat monitoring, identification, classification and remediation.

BACKGROUND

[0002] Programmers and other cyber-criminals, referred to as “hackers,” are constantly creating new threats such as by circumventing traditional network firewalls and intrusion detection systems. Further, hackers appear to be attacking web applications directly through encrypted secure socket layer (SSL) sessions. Such attacks to websites and/or web applications, of course, can negatively affect business reputation, regulatory compliance, and continuity. The cost of web application security breaches can be very high and in some cases incalculable as breaches can reach across enterprises through every line of business, even affecting enterprise-customer relationships in some instances.

[0003] In some enterprises, preventative vulnerability assessment...


Application Information

IPC(8): G06F11/00
CPC: G06F21/577, H04L63/1433, H04L63/1416
Inventor: BROCK, THOMAS; CHEVIS, NELSON; HARRIS, TRISH; LE, MAU Q.
Owner BANK OF AMERICA CORP